Re: [phplib] Default authentication From: Maurice Jumelet (maurice <email protected>)
Date: 08/31/00

You can implement an cancel button for the login form (see documentation) ,
that would make it possible for the user to drop out of the login form.
Personally I didn't like this option and I added a function to my auth class
to check the credentials before I actually login the user. Otherwise the
user stays in the login loop, this is because the auth->mode value stays in
login mode I guess, someone might know more about this one...

I make use of the auth_preauth function in the auth object (see
documentation)

Hope this helps, it does work for me (see NOXX.com)

Maurice Jumelet

class Auth {
function auth_preauth()

    global $username, $password, $self;

 if ($self == true)
  {
   $value = $this->auth_validatelogin();
   return $value;
  } else return false;
    }

function check_credentials($username, $password)
  {
      $this->db->query(sprintf("select login_date, user_id, perms, shop_id
".
                             " from %s ".
                             " where username = '%s' ".
                             " and password = '%s'",
                          $this->database_table,
                          addslashes($username),
                          addslashes($password)));
  if ($this->db->nf() != 0)
  {
   return true;
  } else return false;
  }
}

my login page has the following code

if ($auth->check_credentials($username, $password)) {
/* user entered some credentials */

 $self = true; // used for pre_auth routine see local.inc
 $auth->login_if(true);
 $success = true;
 /* jump to main site again now credentials are correct */
 header("location: " . $sess->url("index.php3"));
} else {
/* password failure */

 $success = false;
}

----- Original Message -----
From: Guillaume Desclaux <gdesclaux <email protected>>
To: Phplib Mailing List <phplib <email protected>>
Sent: Thursday, August 31, 2000 8:12 PM
Subject: [phplib] Default authentication

> Hi,
>
> I've setup a default_auth class. Then I use the login_if(again) (with
> again=yes) to permit a user to really authentify himself.
> But : How to fallback into Default mode (nobody) if ,finally, the user
> decide to not authentify himself ?
>
> Another problem : I'd like to have a "login form" displayed on all the
> pages while the user is "nobody" to permit a user to authentify himself
> without having to push an hyperlink to a specific login page...
>
> I suppose that the 2 problems are similar and are related to the start
> method...
>
> Guillaume
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: phplib-unsubscribe <email protected>
> For additional commands, e-mail: phplib-help <email protected>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>